Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

windows defender (and other antivirus programs) warnings with pyinstaller>=4 (especially >=4.1) #5492

Closed
rpodgorny opened this issue Jan 20, 2021 · 8 comments
Closed

windows defender (and other antivirus programs) warnings with pyinstaller>=4 (especially >=4.1) #5492

rpodgorny opened this issue Jan 20, 2021 · 8 comments

Comments

@rpodgorny
Copy link

packed .exe files created by recent versions of pyinstaller are identified by antivirus software to contain malware.

...just try to submit PyInstaller/bootloader/Windows-64bit/runw.exe (and others) to https://www.virustotal.com and you'll see for yourself.
@schlopp96
Copy link

schlopp96 commented Jan 21, 2021
edited
Loading

Yes, this problem of .py to .exe converters, including py2exe, cx-Freeze, PyInstaller, etc. creates a sort of negative connotation in the programming community regarding the perceived "professionalism" of Python programs not being fully recognized for reasons such as this.

There is NO reason why creating a program, then freezing your code into a universally accepted, simple, and easy format to use (.exe) should be THIS difficult & bug-ridden. This will force devs to switch to another language that may not perform the intended task in a similar or effective manner at all, unless there is some luck and excellent planning involved.

Absolutely ridiculous. Something NEEDS to be done by the creators.

@srini-pro
Copy link

same

@srini-pro
Copy link

like Furbo!s

@bwoodsend
Copy link
Member

There's nothing we can do about dumb antiviral software. If there was some magic something we could change then malware creators would do it too and the race would start again. The best you can do is submit your applications to the antiviral software vendors as false positives.

@rpodgorny
Copy link
Author

ok. i was thinking like whenever you build a new runner, submit it right away (so individual users of pyinstaller don't have to submit their programs).

also, even if you decide to do nothing, please keep this issue in mind for the future - being identified as malware is a breaking change (for example windows defender just "steals" the file from you straight away) so whenever you rebuild your binaries please be sure to bump the major version.

thanks!

@bwoodsend
Copy link
Member

ok. i was thinking like whenever you build a new runner, submit it right away (so individual users of pyinstaller don't have to submit their programs).

It's not just us submitting it. Users will need to install security updates so their antiviral software can learn about this new bootloader.

@rpodgorny
Copy link
Author

ok. i was thinking like whenever you build a new runner, submit it right away (so individual users of pyinstaller don't have to submit their programs).

It's not just us submitting it. Users will need to install security updates so their antiviral software can learn about this new bootloader.

hmmm, true. :-(

@srini-pro
Copy link

There's nothing we can do about dumb antiviral software. If there was some magic something we could change then malware creators would do it too and the race would start again. The best you can do is submit your applications to the antiviral software vendors as false positives.

welll maybe put allow threat still waiting to be frictionless (linux too)

@jeanslack jeanslack mentioned this issue Feb 23, 2021
Closed
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 16, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rpodgorny @bwoodsend @schlopp96 @srini-pro